package com.eage.security.filter;

import com.alibaba.fastjson.JSONObject;
import com.eage.security.ienum.ShiroErrorCode;
import com.eage.security.properties.ShiroGlobalConstant;
import com.eage.security.utils.ShiroThreadLocalMap;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Component;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;

import static org.apache.shiro.web.util.WebUtils.saveRequest;

/**
 * @Author: lex
 * @Date: 2019/2/27
 */
@Component
@Slf4j
public class ShiroURLFunction {

    public static void saveRequestAndRedirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
        saveRequest(request);
        setHeader((HttpServletRequest) request, (HttpServletResponse) response);
        ShiroErrorCode errorMsg = (ShiroErrorCode) ShiroThreadLocalMap.get("errorMsg");
        PrintWriter out = response.getWriter();
        JSONObject jsonObject = new JSONObject();
        jsonObject.put("code", ShiroGlobalConstant.NO_LOGIN_CODE);
        jsonObject.put("message", errorMsg.getDesc());
        print((HttpServletResponse) response, jsonObject);
        out.flush();
        out.close();
    }

    public static void saveRequestAndRedirectToNoAuth(ServletRequest request, ServletResponse response) throws IOException {
        saveRequest(request);
        setHeader((HttpServletRequest) request, (HttpServletResponse) response);
        PrintWriter out = response.getWriter();
        JSONObject jsonObject = new JSONObject();
        jsonObject.put("code", ShiroGlobalConstant.NO_AUTH_CODE);
        jsonObject.put("message", ShiroThreadLocalMap.get("noAuthError"));
        print((HttpServletResponse) response, jsonObject);
        out.flush();
        out.close();
    }

    /**
     * 为response设置header，实现跨域
     */
    public static void setHeader(HttpServletRequest request, HttpServletResponse response) {
        //跨域的header设置
        response.setHeader("Access-control-Allow-Origin", request.getHeader("Origin"));
        response.setHeader("Access-Control-Allow-Methods", request.getMethod());
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Access-Control-Allow-Headers", request.getHeader("Access-Control-Request-Headers"));
        //防止乱码，适用于传输JSON数据
        response.setHeader("Content-Type", "application/json;charset=UTF-8");
        response.setStatus(HttpStatus.OK.value());
    }

    private static void print(HttpServletResponse response, Object message) {
        try {
            response.setStatus(HttpStatus.OK.value());
            response.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
            response.setHeader("Cache-Control", "no-cache, must-revalidate");
            PrintWriter writer = response.getWriter();
            writer.write(JSONObject.toJSONString(message));
            writer.flush();
            writer.close();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

}
